Exemplo n.º 1
0
def login(request, template):
    """Try to log the user in."""
    if request.method == 'GET' and not request.MOBILE:
        url = reverse('users.auth') + '?' + request.GET.urlencode()
        return HttpResponsePermanentRedirect(url)

    next_url = get_next_url(request) or reverse('home')
    form = handle_login(request)

    if request.user.is_authenticated():
        # Add a parameter so we know the user just logged in.
        # fpa =  "first page authed" or something.
        next_url = urlparams(next_url, fpa=1)
        res = HttpResponseRedirect(next_url)
        max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE else
                   settings.SESSION_COOKIE_AGE)
        res.set_cookie(settings.SESSION_EXISTS_COOKIE,
                       '1',
                       secure=False,
                       max_age=max_age)
        return res

    if request.MOBILE:
        return render(request, template, {'form': form, 'next_url': next_url})

    return user_auth(request, login_form=form)
Exemplo n.º 2
0
def login(request, template):
    """Try to log the user in."""
    if request.method == 'GET' and not request.MOBILE:
        url = reverse('users.auth') + '?' + request.GET.urlencode()
        return HttpResponsePermanentRedirect(url)

    next_url = get_next_url(request) or reverse('home')
    form = handle_login(request)

    if request.user.is_authenticated():
        # Add a parameter so we know the user just logged in.
        # fpa =  "first page authed" or something.
        next_url = urlparams(next_url, fpa=1)
        res = HttpResponseRedirect(next_url)
        max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE
                        else settings.SESSION_COOKIE_AGE)
        res.set_cookie(settings.SESSION_EXISTS_COOKIE,
                       '1',
                       secure=False,
                       max_age=max_age)
        return res

    if request.MOBILE:
        return render(request, template, {
            'form': form,
            'next_url': next_url})

    return user_auth(request, login_form=form)
Exemplo n.º 3
0
def user_auth(request, notification=None):
    """
    Show user authorization page which includes a link for
    FXA sign-up/login and the legacy login form
    """
    next_url = get_next_url(request) or reverse("home")
    help_text = _(
        "Continuing with Firefox Accounts means you have agreed with the " +
        "{terms_open}Terms and Conditions{terms_close} and " +
        "{privacy_open}Privacy Policy{privacy_close}.").format(
            terms_open=
            "<a href='https://www.mozilla.org/about/legal/terms/services/'>",
            terms_close="</a>",
            privacy_open="<a href='https://www.mozilla.org/privacy/firefox/'>",
            privacy_close="</a>",
        )
    return render(
        request,
        "users/auth.html",
        {
            "next_url": next_url,
            "notification": notification,
            "auth_page_help_text": help_text
        },
    )
Exemplo n.º 4
0
def logout(request):
    """Log the user out."""
    auth.logout(request)
    statsd.incr("user.logout")

    res = HttpResponseRedirect(get_next_url(request) or reverse("home"))
    res.delete_cookie(settings.SESSION_EXISTS_COOKIE)
    return res
Exemplo n.º 5
0
def logout(request):
    """Log the user out."""
    auth.logout(request)
    statsd.incr('user.logout')

    res = HttpResponseRedirect(get_next_url(request) or reverse('home'))
    res.delete_cookie(settings.SESSION_EXISTS_COOKIE)
    return res
Exemplo n.º 6
0
def join_contributors(request):
    """Join the Contributors group."""
    next = get_next_url(request) or reverse('home')
    group = Group.objects.get(name='Contributors')
    request.user.groups.add(group)
    messages.add_message(request, messages.SUCCESS,
                         _('You are now part of the Contributors group!'))
    return HttpResponseRedirect(next)
Exemplo n.º 7
0
def join_contributors(request):
    """Join the Contributors group."""
    next = get_next_url(request) or reverse('home')
    group = Group.objects.get(name='Contributors')
    request.user.groups.add(group)
    messages.add_message(request, messages.SUCCESS,
                         _('You are now part of the Contributors group!'))
    return HttpResponseRedirect(next)
Exemplo n.º 8
0
def user_auth(request, notification=None):
    """
    Show user authorization page which includes a link for
    FXA sign-up/login and the legacy login form
    """
    next_url = get_next_url(request) or reverse("home")

    return render(request, "users/auth.html", {
        "next_url": next_url,
        "notification": notification
    })
Exemplo n.º 9
0
def user_auth(request, notification=None):
    """
    Show user authorization page which includes a link for
    FXA sign-up/login and the legacy login form
    """
    next_url = get_next_url(request) or reverse('home')

    return render(request, 'users/auth.html', {
        'next_url': next_url,
        'notification': notification
    })
Exemplo n.º 10
0
def logout(request, already_migrated=False):
    """Log the user out."""
    auth.logout(request)
    statsd.incr('user.logout')

    if already_migrated:
        res = user_auth(request, notification='already_migrated')
    else:
        res = HttpResponseRedirect(get_next_url(request) or reverse('home'))

    res.delete_cookie(settings.SESSION_EXISTS_COOKIE)
    return res
Exemplo n.º 11
0
def watch_locale(request):
    """Watch/unwatch a locale."""
    locale = request.LANGUAGE_CODE
    if request.POST.get("watch") == "yes":
        NewPostInLocaleEvent.notify(request.user, locale=locale)
        NewThreadInLocaleEvent.notify(request.user, locale=locale)
    else:
        NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
        NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)

    # If there is no next url, send the user to the home page.
    return HttpResponseRedirect(get_next_url(request) or reverse("home"))
Exemplo n.º 12
0
def watch_locale(request):
    """Watch/unwatch a locale."""
    locale = request.LANGUAGE_CODE
    if request.POST.get('watch') == 'yes':
        NewPostInLocaleEvent.notify(request.user, locale=locale)
        NewThreadInLocaleEvent.notify(request.user, locale=locale)
        statsd.incr('kbforums.watches.locale')
    else:
        NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
        NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)

    # If there is no next url, send the user to the home page.
    return HttpResponseRedirect(get_next_url(request) or reverse('home'))
Exemplo n.º 13
0
def watch_locale(request):
    """Watch/unwatch a locale."""
    locale = request.LANGUAGE_CODE
    if request.POST.get('watch') == 'yes':
        NewPostInLocaleEvent.notify(request.user, locale=locale)
        NewThreadInLocaleEvent.notify(request.user, locale=locale)
        statsd.incr('kbforums.watches.locale')
    else:
        NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
        NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)

    # If there is no next url, send the user to the home page.
    return HttpResponseRedirect(get_next_url(request) or reverse('home'))
Exemplo n.º 14
0
def user_auth(request, contributor=False, register_form=None, login_form=None):
    """Try to log the user in, or register a user.

    POSTs from these forms do not come back to this view, but instead go to the
    login and register views, which may redirect back to this in case of error.
    """
    next_url = get_next_url(request) or reverse("home")

    if login_form is None:
        login_form = AuthenticationForm()
    if register_form is None:
        register_form = RegisterForm()

    return render(
        request,
        "users/auth.html",
        {"login_form": login_form, "register_form": register_form, "contributor": contributor, "next_url": next_url},
    )
Exemplo n.º 15
0
def user_auth(request, contributor=False, register_form=None, login_form=None):
    """Try to log the user in, or register a user.

    POSTs from these forms do not come back to this view, but instead go to the
    login and register views, which may redirect back to this in case of error.
    """
    next_url = get_next_url(request) or reverse('home')

    if login_form is None:
        login_form = AuthenticationForm()
    if register_form is None:
        register_form = RegisterForm()

    return render(request, 'users/auth.html', {
        'login_form': login_form,
        'register_form': register_form,
        'contributor': contributor,
        'next_url': next_url})
Exemplo n.º 16
0
def user_auth(request, login_form=None, notification=None):
    """
    Show user authorization page which includes a link for
    FXA sign-up/login and the legacy login form
    """
    next_url = get_next_url(request) or reverse('home')

    if login_form is None:
        login_form = AuthenticationForm()

    # on load, decide whether legacy or FXA form is visible
    legacy_form_visible = bool(login_form.errors)

    return render(
        request, 'users/auth.html', {
            'login_form': login_form,
            'next_url': next_url,
            'notification': notification,
            'legacy_form_visible': legacy_form_visible,
        })
Exemplo n.º 17
0
def login(request, template):
    """Try to log the user in."""
    if request.method == "GET" and not request.MOBILE:
        url = reverse("users.auth") + "?" + request.GET.urlencode()
        return HttpResponsePermanentRedirect(url)

    next_url = get_next_url(request) or reverse("home")
    only_active = request.POST.get("inactive", "0") != "1"
    form = handle_login(request, only_active=only_active)

    if request.user.is_authenticated():
        # Add a parameter so we know the user just logged in.
        # fpa =  "first page authed" or something.
        next_url = urlparams(next_url, fpa=1)
        res = HttpResponseRedirect(next_url)
        max_age = None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE else settings.SESSION_COOKIE_AGE
        res.set_cookie(settings.SESSION_EXISTS_COOKIE, "1", secure=False, max_age=max_age)
        return res

    if request.MOBILE:
        return render(request, template, {"form": form, "next_url": next_url})

    return user_auth(request, login_form=form)
Exemplo n.º 18
0
 def test_query_string(self):
     """Query-strings remain intact."""
     r = self.r.get('/', {'next': '/new?f=b'})
     eq_('/new?f=b', get_next_url(r))
Exemplo n.º 19
0
 def test_bad_host_https_debug(self):
     """If settings.DEBUG == True, bad hosts pass."""
     r = self.r.get("/", {"next": "https://example.com"})
     with self.settings(DEBUG=True):
         eq_("https://example.com", get_next_url(r))
Exemplo n.º 20
0
 def test_get(self):
     """'next' can be a query-string parameter."""
     r = self.r.get("/users/login", {"next": "/kb/new"})
     eq_("/kb/new", get_next_url(r))
Exemplo n.º 21
0
 def test_get(self):
     """'next' can be a query-string parameter."""
     r = self.r.get("/users/login", {"next": "/kb/new"})
     eq_("/kb/new", get_next_url(r))
Exemplo n.º 22
0
 def test_bad_host_protocol_relative(self):
     """Protocol-relative URLs do not let bad hosts through."""
     r = self.r.get('/', {'next': '//example.com'})
     eq_(None, get_next_url(r))
Exemplo n.º 23
0
 def test_referer(self):
     """Use HTTP referer if nothing else."""
     r = self.r.get('/')
     r.META['HTTP_REFERER'] = 'http://su.mo.com/new'
     eq_('http://su.mo.com/new', get_next_url(r))
Exemplo n.º 24
0
 def test_post(self):
     """'next' in POST overrides GET."""
     r = self.r.post('/?next=/foo', {'next': '/bar'})
     eq_('/bar', get_next_url(r))
Exemplo n.º 25
0
def _get_next_url_fallback_localization(request):
    return get_next_url(request) or reverse('dashboards.localization')
Exemplo n.º 26
0
 def test_bad_host_protocol_relative(self):
     """Protocol-relative URLs do not let bad hosts through."""
     r = self.r.get('/', {'next': '//example.com'})
     eq_(None, get_next_url(r))
Exemplo n.º 27
0
 def test_bad_host_https(self):
     r = self.r.get('/', {'next': 'https://example.com'})
     eq_(None, get_next_url(r))
Exemplo n.º 28
0
 def test_referer(self):
     """Use HTTP referer if nothing else."""
     r = self.r.get('/')
     r.META['HTTP_REFERER'] = 'http://su.mo.com/new'
     eq_('http://su.mo.com/new', get_next_url(r))
Exemplo n.º 29
0
 def test_get(self):
     """'next' can be a query-string parameter."""
     r = self.r.get('/users/login', {'next': '/kb/new'})
     eq_('/kb/new', get_next_url(r))
Exemplo n.º 30
0
 def test_post(self):
     """'next' in POST overrides GET."""
     r = self.r.post('/?next=/foo', {'next': '/bar'})
     eq_('/bar', get_next_url(r))
Exemplo n.º 31
0
 def test_good_host_https(self):
     """Full URLs work with valid hosts."""
     r = self.r.post('/users/login',
                     {'next': 'https://su.mo.com/kb/new'})
     eq_('https://su.mo.com/kb/new', get_next_url(r))
Exemplo n.º 32
0
 def test_query_string(self):
     """Query-strings remain intact."""
     r = self.r.get('/', {'next': '/new?f=b'})
     eq_('/new?f=b', get_next_url(r))
Exemplo n.º 33
0
 def test_good_host_https(self):
     """Full URLs work with valid hosts."""
     r = self.r.post('/users/login',
                     {'next': 'https://su.mo.com/kb/new'})
     eq_('https://su.mo.com/kb/new', get_next_url(r))
Exemplo n.º 34
0
 def test_bad_host_protocol_relative(self):
     """Protocol-relative URLs do not let bad hosts through."""
     r = self.r.get("/", {"next": "//example.com"})
     eq_(None, get_next_url(r))
Exemplo n.º 35
0
 def test_get(self):
     """'next' can be a query-string parameter."""
     r = self.r.get('/users/login', {'next': '/kb/new'})
     eq_('/kb/new', get_next_url(r))
Exemplo n.º 36
0
 def test_good_host_https(self):
     """Full URLs work with valid hosts."""
     r = self.r.post("/users/login", {"next": "https://su.mo.com/kb/new"})
     eq_("https://su.mo.com/kb/new", get_next_url(r))
Exemplo n.º 37
0
 def test_bad_host_https(self):
     r = self.r.get('/', {'next': 'https://example.com'})
     eq_(None, get_next_url(r))
Exemplo n.º 38
0
 def test_bad_host_https(self):
     r = self.r.get("/", {"next": "https://example.com"})
     eq_(None, get_next_url(r))
Exemplo n.º 39
0
 def test_referer(self):
     """Use HTTP referer if nothing else."""
     r = self.r.get("/")
     r.META["HTTP_REFERER"] = "http://su.mo.com/new"
     eq_("http://su.mo.com/new", get_next_url(r))
Exemplo n.º 40
0
def locales(request, template):
    """The locale switcher page."""

    return render(request, template, dict(
        next_url=get_next_url(request) or reverse('home')))
Exemplo n.º 41
0
def _get_next_url_fallback_localization(request):
    return get_next_url(request) or reverse('dashboards.localization')
Exemplo n.º 42
0
 def test_post(self):
     """'next' in POST overrides GET."""
     r = self.r.post("/?next=/foo", {"next": "/bar"})
     eq_("/bar", get_next_url(r))
Exemplo n.º 43
0
 def test_bad_host_protocol_relative(self):
     """Protocol-relative URLs do not let bad hosts through."""
     r = self.r.get("/", {"next": "//example.com"})
     eq_(None, get_next_url(r))
Exemplo n.º 44
0
 def test_bad_host_https(self):
     r = self.r.get("/", {"next": "https://example.com"})
     eq_(None, get_next_url(r))
Exemplo n.º 45
0
def locales(request):
    """The locale switcher page."""
    template = 'sumo/locales.html'

    return render(request, template,
                  dict(next_url=get_next_url(request) or reverse('home')))
Exemplo n.º 46
0
 def test_bad_host_https_debug(self):
     """If settings.DEBUG == True, bad hosts pass."""
     r = self.r.get('/', {'next': 'https://example.com'})
     with self.settings(DEBUG=True):
         eq_('https://example.com', get_next_url(r))
Exemplo n.º 47
0
 def test_post(self):
     """'next' in POST overrides GET."""
     r = self.r.post("/?next=/foo", {"next": "/bar"})
     eq_("/bar", get_next_url(r))
Exemplo n.º 48
0
 def test_query_string(self):
     """Query-strings remain intact."""
     r = self.r.get("/", {"next": "/new?f=b"})
     eq_("/new?f=b", get_next_url(r))
Exemplo n.º 49
0
 def test_referer(self):
     """Use HTTP referer if nothing else."""
     r = self.r.get("/")
     r.META["HTTP_REFERER"] = "http://su.mo.com/new"
     eq_("http://su.mo.com/new", get_next_url(r))
Exemplo n.º 50
0
 def test_good_host_https(self):
     """Full URLs work with valid hosts."""
     r = self.r.post("/users/login", {"next": "https://su.mo.com/kb/new"})
     eq_("https://su.mo.com/kb/new", get_next_url(r))
Exemplo n.º 51
0
 def test_bad_host_https_debug(self):
     """If settings.DEBUG == True, bad hosts pass."""
     r = self.r.get('/', {'next': 'https://example.com'})
     with self.settings(DEBUG=True):
         eq_('https://example.com', get_next_url(r))
Exemplo n.º 52
0
 def test_query_string(self):
     """Query-strings remain intact."""
     r = self.r.get("/", {"next": "/new?f=b"})
     eq_("/new?f=b", get_next_url(r))